aljaz/kata-containers
1
0
Fork 0
mirror of https://github.com/aljazceru/kata-containers.git synced 2026-01-19 22:34:28 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3b70c72436c41797ea2d30c7866dcafe79011d1b
kata-containers/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile
Archana Shinde efdb92366b build: Fix clh source build as normal user 
While running make as non-privileged user, the make errors out with
the following message:
"INFO: Build cloud-hypervisor enabling the following features: tdx
Got permission denied while trying to connect to the Docker daemon
socket at unix:///var/run/docker.sock: Post
"http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/create?fromImage=cloudhypervisor%2Fdev&tag=20220524-0":
dial unix /var/run/docker.sock: connect: permission denied"

Even though the user may be part of docker group, the clh build from
source does a docker in docker build. It is necessary for the user of
the nested container to be part of docker build for the build to
succeed.

Fixes #4594

Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
2022-07-06 18:28:00 -07:00

49 lines
1.4 KiB
Docker
Raw Blame History

# Copyright (c) 2021 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
FROM ubuntu:20.04
ENV DEBIAN_FRONTEND=noninteractive
ENV INSTALL_IN_GOPATH=false
COPY install_yq.sh /usr/bin/install_yq.sh
# Install yq and docker
RUN apt-get update && \
apt-get install -y --no-install-recommends \
ca-certificates \
curl \
sudo && \
apt-get clean && rm -rf /var/lib/apt/lists/ && \
install_yq.sh && \
curl -fsSL https://get.docker.com -o get-docker.sh && \
sh get-docker.sh
ARG IMG_USER=kata-builder
ARG UID=1000
ARG GID=1000
# gid of the docker group on the host, required for running docker in docker builds.
ARG HOST_DOCKER_GID
RUN if [ ${IMG_USER} != "root" ]; then groupadd --gid=${GID} ${IMG_USER};fi
RUN if [ ${IMG_USER} != "root" ]; then adduser ${IMG_USER} --uid=${UID} --gid=${GID};fi
RUN if [ ${IMG_USER} != "root" ] && [ ! -z ${HOST_DOCKER_GID} ]; then groupadd --gid=${HOST_DOCKER_GID} docker_on_host;fi
RUN if [ ${IMG_USER} != "root" ] && [ ! -z ${HOST_DOCKER_GID} ]; then usermod -a -G docker_on_host ${IMG_USER};fi
RUN sh -c "echo '${IMG_USER} ALL=NOPASSWD: ALL' >> /etc/sudoers"
#FIXME: gcc is required as agent is build out of a container build.
RUN apt-get update && \
apt-get install --no-install-recommends -y \
build-essential \
cpio \
gcc \
git \
make \
unzip \
xz-utils && \
apt-get clean && rm -rf /var/lib/apt/lists
ENV USER ${IMG_USER}
USER ${IMG_USER}
Reference in New Issue View Git Blame Copy Permalink